On 28-Dec-1999 Adam J. Richter wrote:
> If the problem with making the stack unexecutable is a few
> pieces of trampoline code, then how about just modifying the few
> programs that use this code to mprotect the stack when they actually
> need it to be executable? Even if these programs simply made their
> entire stack area executable at initialization time, at least the
> other programs would be considerably more secure.
> I believe this change would eliminate about half of the root
> exploits that I see reports of, or, to put it more dramatically, it
> would eliminate more exploits than all other improvements combined.
1. It is a stick with two ends. You become slow, lame and lazy and forget to
update (under the idea: whatever, nobody can exploit it anyway).
Have a look at DGUX. It used to have a non-exec stack in the 3.x days. As a
result most of the exploits (even elementary ones like lpd) were not fixed. Then
in 4.x the stack had to go executable again. And then it became fun (actually I
am slightly incorrect here because the fun officially began after some kid
posted general purpose shellcode for Alpha).
2. Trampolines:
A: the few programs are e.g. glibc itself, or the docs on Solar
Designer's patches are wrong.
B: Solar Designer's patches have been doing this for quite a while.
3. If at least Solar Designer's and Andrew Tridgell's patches (pipes in
proc, etc.) will finally make it into the mainstream kernel it will be very very
My $0.02
----------------------------------
Anton R. Ivanov
IP Engineer, Level3 Communications
RIPE: ARI2-RIPE E-Mail: Anton Ivanov <aivanov@eu.level3.net>
Gerrold's Laws of Infernal Dynamics (No 2 of 3):
An object at rest will always be in the wrong place.
----------------------------------
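The thread's underlying question is whether a process's stack (or any other region) is mapped executable. As an added example, not code from this thread or from any of the patches it mentions, the following C audit parses text in /proc/<pid>/maps format, counts mappings that are both writable and executable, and reports whether the [stack] mapping carries the execute bit; the maps lines in SAMPLE_MAPS are constructed, not a real capture.

```c
#include <stdio.h>
#include <string.h>
/* Added example, not from the thread: scan /proc/<pid>/maps text for W+X
 * mappings and check whether the [stack] mapping carries the execute bit. */
struct wx_report {
    int wx_regions;  /* mappings that are both writable and executable */
    int stack_exec;  /* 1 if a [stack] mapping with 'x' was seen */
};
/* Constructed sample in /proc/<pid>/maps format (not a real capture). */
static const char SAMPLE_MAPS[] =
    "00400000-00452000 r-xp 00000000 08:01 1234 /usr/bin/demo\n"
    "00651000-00652000 rw-p 00051000 08:01 1234 /usr/bin/demo\n"
    "7f3a1c000000-7f3a1c021000 rwxp 00000000 00:00 0\n"
    "7ffd2e7b0000-7ffd2e7d1000 rwxp 00000000 00:00 0 [stack]\n";

/* One maps line: "start-end perms offset dev inode [path]"; the path is
 * optional, so a successful parse assigns at least the perms field. */
static void classify_maps_line(const char *line, struct wx_report *r)
{
    char perms[8] = {0}, path[256] = {0};
    if (sscanf(line, "%*llx-%*llx %7s %*s %*s %*s %255s", perms, path) < 1)
        return;
    int w = strchr(perms, 'w') != NULL, x = strchr(perms, 'x') != NULL;
    if (strcmp(path, "[stack]") == 0 && x)
        r->stack_exec = 1;
    if (w && x)
        r->wx_regions++;
}

/* Audit a whole maps buffer, one mapping per line. */
struct wx_report audit_maps(const char *maps_text)
{
    struct wx_report r = {0, 0};
    char line[512];
    while (*maps_text) {
        const char *nl = strchr(maps_text, '\n');
        size_t len = nl ? (size_t)(nl - maps_text) : strlen(maps_text);
        if (len >= sizeof line) len = sizeof line - 1;
        memcpy(line, maps_text, len);
        line[len] = '\0';
        classify_maps_line(line, &r);
        maps_text = nl ? nl + 1 : maps_text + len;
    }
    return r;
}
int main(void)
{
    struct wx_report r = audit_maps(SAMPLE_MAPS);
    printf("%d W+X mappings, stack executable: %d\n", r.wx_regions, r.stack_exec);
    return 0;
}
```

To check a live process, read /proc/self/maps (or another process's maps file) into a buffer and pass it to audit_maps() instead of SAMPLE_MAPS.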